Building Internet Firewalls, 2/e (Paperback)

Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman

  • 出版商: O'Reilly
  • 出版日期: 2000-08-01
  • 定價: $1,980
  • 售價: 6.0$1,188
  • 語言: 英文
  • 頁數: 896
  • 裝訂: Paperback
  • ISBN: 1565928717
  • ISBN-13: 9781565928718
  • 相關分類: 資訊安全
  • 立即出貨

買這商品的人也買了...

商品描述

In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks.

What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines.

Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.

Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:

  •  
    • Firewall technologies: packet filtering, proxying, network address translation, virtual private networks

    • Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls

    • Issues involved in a variety of new Internet services and protocols through a firewall

    • Email and News

    • Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)

    • File transfer and sharing services such as NFS, Samba

    • Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000

    • Real-time conferencing services such as ICQ and talk

    • Naming and directory services (e.g., DNS, NetBT, the Windows Browser)

    • Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);

    • Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)

    • Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)

    • Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)


    •  



  •  
  • The book's complete list of resources includes the location of many publicly available firewall construction tools.

 

商品描述(中文翻譯)

在這本經典書籍第一版出版的五年裡,互聯網的使用量急劇增加。商業世界急於在網絡上進行業務,但往往沒有將安全技術和策略融入產品和方法中。安全風險和保護商業和個人數據的需求從未如此迫切。我們更新了《建立網絡防火牆》以應對這些新風險。

互聯網帶來了哪些安全威脅?一些威脅,如密碼攻擊和利用已知的安全漏洞,自網絡建立之初就存在。而其他一些威脅,如分布式拒絕服務攻擊,曾在2000年初使雅虎、易趣和其他主要電子商務網站癱瘓,現在仍然時有耳聞。

防火牆是當今計算機網絡的關鍵組件,可以有效地保護系統免受大多數互聯網安全威脅。它們可以防止網絡的一部分(如竊聽、蠕蟲程序或文件損壞)擴散到網絡的其他部分。如果沒有防火牆,網絡安全問題可能失控,導致越來越多的系統崩潰。

《建立網絡防火牆》第二版是暢銷且備受尊敬的第一版的實用且詳細的逐步指南,介紹了設計和安裝防火牆以及配置與防火牆一起工作的互聯網服務的方法。第二版大幅擴展,包括Linux和Windows的內容,描述了以下內容:

- 防火牆技術:封包過濾、代理、網絡地址轉換、虛擬私有網絡
- 架構,如篩選路由器、雙主機、篩選主機、篩選子網、邊界網絡、內部防火牆
- 與各種新的互聯網服務和協議相關的問題,如電子郵件和新聞
- 網絡服務和腳本語言(如HTTP、Java、JavaScript、ActiveX、RealAudio、RealVideo)
- 文件傳輸和共享服務,如NFS、Samba
- 遠程訪問服務,如Telnet、BSD的“r”命令、SSH、BackOrifice 2000
- 即時會議服務,如ICQ和talk
- 命名和目錄服務(如DNS、NetBT、Windows瀏覽器)
- 認證和審計服務(如PAM、Kerberos、RADIUS)
- 管理服務(如syslog、SNMP、SMS、RIP和其他路由協議,以及ping和其他網絡診斷工具)
- 中介協議(如RPC、SMB、CORBA、IIOP)
- 數據庫協議(如ODBC、JDBC,以及Oracle、Sybase和Microsoft SQL Server的協議)

書中提供了完整的資源列表,包括許多公開可用的防火牆構建工具的位置。